func checkAccessRequirements()

in lib/dam/dam_integrity.go [364:395]

• 32 lines of code
• 14 McCabe index (conditional complexity)

func checkAccessRequirements(templateName string, template *pb.ServiceTemplate, resName, viewName string, view *pb.View, cfg *pb.DamConfig, vopts ValidateCfgOpts) (string, error) {
	adapt, ok := vopts.Services.ByServiceName[template.ServiceName]
	if !ok {
		return httputils.StatusPath("services"), fmt.Errorf("service template %q service %q is not a recognized by this DAM", templateName, template.ServiceName)
	}
	if path, err := adapt.CheckConfig(templateName, template, resName, viewName, view, cfg, vopts.Services); err != nil {
		return path, err
	}
	if path, err := checkAccessRoles(view.Roles, templateName, template.ServiceName, cfg, vopts); err != nil {
		return httputils.StatusPath("views", viewName, "roles", path), fmt.Errorf("invalid view: %v", err)
	}
	desc, ok := vopts.Services.Descriptors[template.ServiceName]
	if !ok {
		return httputils.StatusPath("services", template.ServiceName), fmt.Errorf("internal error: service %q does not have a service descriptor", template.ServiceName)
	}
	if len(desc.ItemVariables) > 0 && len(view.Items) == 0 {
		return httputils.StatusPath("views", viewName, "items"), fmt.Errorf("view %q does not provide any target items", viewName)
	}
	if len(desc.ItemVariables) > 0 && desc.Properties != nil && desc.Properties.SingleItem && len(view.Items) > 1 {
		return httputils.StatusPath("views", viewName, "items"), fmt.Errorf("view %q provides more than one item when only one was expected for service %q", viewName, template.ServiceName)
	}
	for idx, item := range view.Items {
		vars, path, err := adapter.GetItemVariables(vopts.Services, template.ServiceName, item)
		if err != nil {
			return httputils.StatusPath("views", viewName, "items", strconv.Itoa(idx), path), err
		}
		if len(vars) == 0 {
			return httputils.StatusPath("views", viewName, "items", strconv.Itoa(idx), "vars"), fmt.Errorf("no variables defined")
		}
	}
	return "", nil
}